This project will develop and evaluate visualizations to coherently represent the rich semantics of the security policy domain in order to promote collaboration between managers and IT security specialists and to improve the deployment of digital security within organizations. Effective shared understanding by organization managers and IT security specialists is critical for the successful specification and implementation of digital security policies. When the collaboration is poor, ambiguities and misunderstandings may result in assigning less priority to security policies proposed by security experts of the organization. It may also unnecessarily hamper the smooth security implementation in the organization, and ultimately the organization is prone to cyber-attacks.
Semantically rich visualizations can bridge this critical gap in comprehension, by providing a shared representation through which managers and IT specialists can understand each other’s perspectives and work together to refine policies and their implementations to contain the perceived threats to the organization. Little previous research exists on the design of visualizations as a solution to the problem of effective collaboration in cybersecurity policies.
The project will take two innovative approaches to develop visualizations for collaboration on cybersecurity policies. (a) It will invent a novel visualization for security policy collaboration using a proven approach to the design of semantically rich graphical representations, known as Law Encoding Diagrams. (b) It will investigate the application of an existing graphical notation for systems specification, Constraints Diagrams, as a potential solution to the security policy collaboration problem. Contrasting the two different types of representations will provide insights to what kind of visualizations can address the cyber security collaboration problem, why such visualizations work, and what is the most effect type of visualization.
Members
Lead Principal Investigator (LPI):
- Dr. Noora Fetais, Computer Science and Engineering Department, Qatar University (Email:
n.almarri@qu.edu.qa)
Principal Investigators (PI):
- Dr. Khaled Khan, Computer Science and Engineering Department, Qatar University (Email:
k.khan@qu.edu.qa)
- Dr Salah Sadou, Department of Informatics, University of South Brittany (Email:
Salah.Sadou@irisa.fr)
- Dr Armstrong Nhlabatsi, KINDI Center for Computing Research, Qatar University (Email:
Armstrong.Nhlabatsi@qu.edu.qa)
- Dr Jamal El-Hachem, Department of Informatics, University of South Brittany (Email: jamal.el-hachem@univ-ubs.fr)
Students:
Publications
Cherfa, Imane & Belloir, Nicolas & Sadou, Salah & Fleurquin, Régis & Bennouar, Djamal. (2019). Systems of systems: From mission definition to architecture description. Systems Engineering. 22. 10.1002/sys.21523
Funding (if applicable)
Funded By:
- International Research Collaboration Co-Funds (IRCC), Project Number IRCC-2019-010
Collaborating Institution(s)
- University of South Brittany, France
Source Code (if applicable)